2 Replies Latest reply: Jun 7, 2011 2:20 PM by Arno RSS

    SGD 4.5 - secondaries suddenly not accepting connections

      We have 3 SGD servers, a single primary and two secondaries. We have firewall traversal configured.

      Suddenly with no configuration changes or other modifications, a couple of days ago, the 2 secondaries reported that they are not accepting secure connections...

      DNS is all fine, hosts/resolv.conf entries have not been changed, all machines can be pinged and telnet operates perfectly between servers on port 5427 - time/ntp is also fine, SSL certs are all valid, present and correct.

      Restarting the tarantella service on each of the secondaries gives no errors on the terminal - the following messages are logged to /opt/tarantella/var/log/error.log when connections are attempted:

      2011/06/03 09:15:34.859 ssl7817 ssldaemon/listen/badclientIPerror
      Sun Secure Global Desktop Software (4.5) ERROR:

      Secure Global Desktop Security Daemon is unable to determine the remote IP address
      of an incoming connection.
      The reported error: getpeername(427,<address>,16): (22) Invalid argument
      Due to security considerations this connection is not allowed. ssldaemon/listen/badclientIPerror

      As a drastic measure, I attempted to removed the secondaries from the array and re-add back in, but now I cannot add them back in!

      If I use their DNS name in the "tarantella array join" command, it fails with "Can't contact the server myserver.mydomain (javax.naming.CommunicationException: ErrTransportPermanent)."

      If I use the IP address on the local net instead, then it fails with "Unable to add slave. It is already part of an array. Couldn't join the array." - this is even after a "tarantella array clean" on the secondaries. They each report that they are primaries (which from the documentation is the correct state for them to be in)

      Thankfully the primary users are currently contacting is still working fine and I haven't made ANY configuration changes to it since we need it to be up, but for the time being the secondaries do not function. I cannot reboot any of the servers since they are also members of a VDI cluster array (which is also working OK) - just SGD has suddenly decided not to work.

      Any ideas before I open a support call?
        • 1. Re: SGD 4.5 - secondaries suddenly not accepting connections
          I restarted the primary, and was able to add back in the other array members - all is working again...sounds like a bug - there was definitely no trace of the secondaries in any of the primary's config after breaking the array...

          Still no idea why they stopped accepting connections for a few days, but for anyone else with this problem, breaking/rebuilding the array (although possibly a bit "sledgehammer-to-crack-a-nut") seemed to do the trick...
          • 2. Re: SGD 4.5 - secondaries suddenly not accepting connections
            Are you running 4.50.933 or 4.50.907? In version 933 quite a few array bugs are fixed. If possible please upgrade to version 4.61 since many more issues are solved!



            Arno Staal
            Divider B.V.